Plain language. No legalese.Privacy that's actually private.
Architecture, not promises.
Five bullets first. Then the operational detail. This is our privacy stance in plain language: what we collect, how we use it, and what we will never do — exactly what the architecture enforces.
The plain-language stanceWhat you can hold us to, in five sentences.
- We do not train AI on your journals, sources, or chats. Not now, not ever. We have not opted in to model-provider training. The "no training" stance is contractual with our partners.
- We do not sell your data. Not to advertisers. Not to data brokers. Not to "research partners." Period.
- We do not run ads. There are no ads in Journal Genie. There will not be ads in Journal Genie.
- You can export your entire account — notebooks, journals, surveys, Studio artifacts — in plain markdown, one click, anytime. You can delete your account and we send you proof within seven business days.
- We are based in Alabama, USA, operating as Yotta-Byte Labs. We comply with applicable US privacy law and the GDPR for users in the EU.
What we store
- Notebook contents, journal entries, Surveys answers, Studio artifacts, and account state — all account-backed. Encrypted at rest. Encrypted in transit.
- Your Genie personalization profile — what to call you, your role, what you’re focused on, your interests, and your preferred Genie style — if you provide it during the welcome intake. Editable and clearable anytime in Settings → Personalize.
- Browser cache for speed. Clearing local storage clears the convenience layer, not your work. Your work hydrates back from the account on next sign-in.
- Reward / points ledger — what you earned, when. No third-party tracking attached.
- Auth + session state via Supabase. Standard cookie-based session handling, with Secure + HttpOnly + SameSite=Lax on the auth cookies.
How we use it
- To operate the product features you ask for: authentication, notebooks, journal, Surveys, export, and billing.
- To generate AI responses and survey questions using the context you selected or explicitly included. We send the request + retrieved context to your model provider per call — OpenAI by default, or the model you pick in the picker (e.g. a paid-tier Gemini model). The request is never used for training, on any provider tier we use.
- To personalize Genie: by default it draws on your notebooks, the sources you add, your completed surveys, and the onboarding profile you provide. Your journal is the exception — it stays private from Genie until you explicitly include it (per entry, or in Settings → Privacy). You can change any of this anytime.
- To secure, debug, and improve the service — never to mine your private content for marketing copy or training signals.
- To send you transactional emails (password reset, billing receipts, account confirmations). No marketing email by default.
What we won't claim
- We don't claim SOC 2, ISO 27001, or HIPAA certifications. Our privacy is enforced by the architecture — row-level isolation, no training, encrypted storage — verifiable in the open code.
- We do not claim "your data never leaves our systems" — third-party processors (Supabase, OpenAI, Google Gemini API, Stripe, Sentry, Better Stack) are real and named. See /trust for the full processor list.
- We do not claim instant or universal deletion. Deletion is real and complete within seven business days; we send proof.
- We don't fake "trusted by millions" or rent logos. The proof is the architecture, not a badge — and it's in the open code.
Request pathData access, correction, export, deletion
For data access, correction, export, deletion, or any privacy-policy follow-up, email privacy@journal-genie.com. The inbox is operationally verified and routes to the founder. We acknowledge within five business days and complete most requests within seven. For non-sensitive product bugs, GitHub issues remains an option — keep journal content, billing detail, and account-sensitive data out of public threads.